Security measures include the following:
- Expert team of experienced, professional engineers and security specialists
- Round-the-clock protection of data and systems
- Continuous deployment of proven, up-to-date firewall protection, SSL encryption, and other security technologies
- Ongoing evaluation of emerging security developments and threats
- Complete redundancy throughout the entire Sycle.net Online Infrastructure architecture
Physical Security: Our production equipment is collocated at an IBM Data Center that provides:
- 24-hour physical security
- Enforcement of fingerprint and body weight verification for all facility access
- Solid, steel-reinforced concrete building
- Redundant electrical generators and data center air conditioners v
- Emergency diesel generators
- Other backup equipment designed to keep servers continually up and running Data Encryption: Sycle.net leverages the strongest encryption products to protect customer data and communications, including 128-bit SSL certification and 2048-bit RSA public keys.
User Authentication: Users access Sycle.net only with a valid username and password combination, which is encrypted via SSL while in transmission. An encrypted session ID cookie is used to uniquely identify each user. For added security, the session key is automatically scrambled and re-established in the background at regular intervals.
Application Security: Our comprehensive application security model prevents one Sycle.net customer from accessing another’s data. This security model is reapplied with every request and enforced for the entire duration of a user session.
Internal Systems Security: Inside of the perimeter firewalls, systems are safeguarded by network high-performance web proxies, access control lists, non-routable IP addressing schemes, and more. Exact details of these features are proprietary.
Database Security: Sycle database servers are not exposed to the internet. All Sycle database servers reside on a separate private network that can only be accessed by the Sycle application. All Sycle administration is through individual, monitored administration logins.
Server Management Security: All data entered into the Sycle.net application by a customer is owned by that customer. Sycle.net employees do not have direct access to the Sycle.net production equipment, except where necessary for system management and administration, monitoring, backups and customer support at the behest of the customer.
Business Continuity and Disaster Recovery: All networking components, SSLaccelerators, load balancers, web servers, and application servers are configured in a redundant configuration. All customer data is stored on multiple database servers with full business continuity fail-over. Data is backed up nightly and stored to a secure offsite facility. In the event of catastrophic failure, data can be restored within a maximum of 24 hours.